Lucene search
K

396 matches found

UbuntuCve
UbuntuCve
added 2019/01/02 6:29 p.m.31 views

CVE-2018-19362

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization...

9.8CVSS7.2AI score0.10599EPSS
Exploits0References6
OSV
OSV
added 2019/01/02 6:29 p.m.5 views

UBUNTU-CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization...

9.8CVSS7.3AI score0.10599EPSS
Exploits0References7
OSV
OSV
added 2019/01/02 6:29 p.m.1 views

DEBIAN-CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization...

9.8CVSS9.3AI score0.10599EPSS
Exploits0References1
OSV
OSV
added 2019/01/02 6:29 p.m.21 views

CVE-2018-19360

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization...

9.8CVSS9.7AI score
Exploits0References37
OSV
OSV
added 2019/01/02 6:29 p.m.27 views

CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization...

9.8CVSS9.7AI score
Exploits0References37
OSV
OSV
added 2019/01/02 6:29 p.m.2 views

DEBIAN-CVE-2018-14721

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery SSRF attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization...

10CVSS9.1AI score0.10458EPSS
Exploits0References1
OSV
OSV
added 2019/01/02 6:29 p.m.32 views

CVE-2018-14719

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization...

9.8CVSS9.8AI score0.09682EPSS
Exploits0References31
CVE
CVE
added 2019/01/02 6:0 p.m.213 views

CVE-2018-19362

CVE-2018-19362: A vulnerability in Jackson Databind (FasterXML) affects 2.x prior to 2.9.8, due to failure to block the jboss-common-core class in polymorphic deserialization. The IBM doc lists an unknown impact/attack vector with a base score of 5.3 and notes the issue as an unspecified deserial...

9.8CVSS8.8AI score0.10599EPSS
Exploits0References38Affected Software1
Cvelist
Cvelist
added 2019/01/02 6:0 p.m.26 views

CVE-2018-14719

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization...

9.8AI score0.09682EPSS
Exploits0References31
Cvelist
Cvelist
added 2019/01/02 6:0 p.m.27 views

CVE-2018-19360

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization...

8.8AI score0.10599EPSS
Exploits0References37
Cvelist
Cvelist
added 2019/01/02 6:0 p.m.25 views

CVE-2018-14721

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery SSRF attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization...

9.5AI score0.10458EPSS
Exploits0References29
Cvelist
Cvelist
added 2019/01/02 6:0 p.m.25 views

CVE-2018-14720

FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity XXE attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization...

9.5AI score0.07524EPSS
Exploits0References32
Cvelist
Cvelist
added 2019/01/02 6:0 p.m.23 views

CVE-2018-19362

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization...

8.8AI score0.10599EPSS
Exploits0References38
CVE
CVE
added 2019/01/02 6:0 p.m.444 views

CVE-2018-19361

CVE-2018-19361 is listed in the IBM Cloudera Observability bulletin as affecting Cloudera Observability on Premises 3.5.3, with remediation in 3.6.2. Description from the bulletin notes that FasterXML jackson-databind 2.x before 2.9.8 allows polymorphic deserialization via the openjpa class, yiel...

9.8CVSS8.8AI score0.10599EPSS
Exploits0References37Affected Software1
CVE
CVE
added 2019/01/02 6:0 p.m.408 views

CVE-2018-19360

CVE-2018-19360 affects FasterXML jackson-databind 2.x before 2.9.8, where failure to block the axis2-transport-jms class enables polymorphic deserialization with unspecified impact. IBM/Cloudera docs corroborate related deserialization flaws across jackson-databind versions and list remediation a...

9.8CVSS8.8AI score0.10599EPSS
Exploits0References37Affected Software1
Cvelist
Cvelist
added 2019/01/02 6:0 p.m.27 views

CVE-2018-14718

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization...

9.8AI score0.12679EPSS
Exploits0References35
Cvelist
Cvelist
added 2019/01/02 6:0 p.m.22 views

CVE-2018-19361

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization...

8.8AI score0.10599EPSS
Exploits0References37
Debian CVE
Debian CVE
added 2019/01/02 6:0 p.m.47 views

CVE-2018-14719

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization...

9.8CVSS9.6AI score0.09682EPSS
Exploits0
Debian CVE
Debian CVE
added 2019/01/02 6:0 p.m.36 views

CVE-2018-14721

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery SSRF attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization...

10CVSS9.9AI score0.10458EPSS
Exploits0
Debian CVE
Debian CVE
added 2019/01/02 6:0 p.m.34 views

CVE-2018-19362

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization...

9.8CVSS10AI score0.10599EPSS
Exploits0
Rows per page
Query Builder